Method and system for registering and verifying smart card certificate for users moving between public key infrastructure domains
Abstract
Disclosed herein is a method and system for registering and verifying a smart card certificate for users moving between public key infrastructure domains, which allows a user moving between domains to have a smart card certified in a terminal located in an external domain other than a home domain. According to the present invention, when a user wants his/her own smart card to be certified in a terminal of an external domain, a certification authority of the external domain can certify the smart card using a certificate stored in the smart card and signed electronically by a certification authority of a home domain. Additionally, a new certificate issued by the certification authority of the external domain is stored in the certified smart card, so that a certificate of the moving user can be verified regardless of domains and a new certificate of a moved domain can be easily obtained.
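The registration flow of the abstract, with the signed certification request of claim 9, simulated in Python as an added example (not code from the patent). The toy textbook-RSA keys built from public Mersenne primes, the `|`-joined certificate body, the name `card-001`, the second CA already holding the first CA's public key, and its check that the request is the fresh one are all assumptions made for the illustration.

```python
import hashlib
import secrets

E = 65537  # public exponent shared by all toy keys

def keypair(a, b):
    # Toy textbook RSA from two public Mersenne primes: demo only, not secure.
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def digest(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(key, msg):
    return pow(digest(msg, key["n"]), key["d"], key["n"])

def verify(n, msg, sig):
    return pow(sig, E, n) == digest(msg, n)

def cert_body(issuer, subject, n):
    return f"{issuer}|{subject}|{n}".encode()  # assumed certificate encoding

def issue_cert(ca_key, issuer, subject, n):
    sig = sign(ca_key, cert_body(issuer, subject, n))
    return {"issuer": issuer, "subject": subject, "n": n, "sig": sig}

def check_cert(cert, ca_n):
    body = cert_body(cert["issuer"], cert["subject"], cert["n"])
    return verify(ca_n, body, cert["sig"])

CA1, CA2, CARD = keypair(127, 521), keypair(607, 1279), keypair(2203, 2281)
FIRST_CERT = issue_cert(CA1, "CA1", "card-001", CARD["n"])  # home-domain certificate

def card_respond(request):
    # Card signs the terminal's certification request and attaches its first certificate.
    return {"request": request, "sig": sign(CARD, request), "cert": FIRST_CERT}

def ca2_register(response, expected_request, trusted_ca1_n):
    # Second CA: reject stale requests, check the first certificate under the
    # first CA's key, then the card's signature under the certified card key.
    cert = response["cert"]
    if response["request"] != expected_request:
        return None
    if not check_cert(cert, trusted_ca1_n):
        return None
    if not verify(cert["n"], response["request"], response["sig"]):
        return None
    return issue_cert(CA2, "CA2", cert["subject"], cert["n"])

def card_accept(second_cert, ca2_n):
    # Card verifies the second certificate with the second CA's public key before storing it.
    return second_cert is not None and check_cert(second_cert, ca2_n) and second_cert["n"] == CARD["n"]
```
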
18 Claims
1. A system for registering and verifying a smart card certificate for users moving between public key infrastructure domains, comprising:
- a smart card for storing a first certificate of a first domain;
- a terminal located in a second domain to transmit a certification response using the first certificate of the smart card and to transmit a second certificate of the second domain to the smart card with respect to the transmitted certification response; and
- a second certification authority located in the second domain,
- wherein the second certification authority transmits its own public key to the terminal, and the terminal transmits the public key of the second certification authority to the smart card, and the smart card verifies the terminal by verifying the second certificate by using the public key of the second certification authority,
- wherein the first domain is different from the second domain, and
- wherein the second certification authority verifies the certification response transmitted through the terminal, creates the second certificate to be stored in the smart card and transmits the created second certificate to the terminal.
7. A system for registering and verifying a smart card certificate for users moving between public key infrastructure domains, comprising:
- a smart card for storing a first certificate of a first domain;
- a first terminal located in the first domain to transmit a certification response using the first certificate stored in the smart card and to transmit a second certificate of a second domain to the smart card with respect to the transmitted certification response; and
- a second certification authority located in the second domain,
- wherein the second certification authority transmits its own public key to a first certification authority in the first domain, and the first certification authority transmits the public key of the second certification authority to the first terminal, and the first terminal transmits the public key of the second certification authority to the smart card, and the smart card verifies a second terminal in the second domain by verifying the second certificate by using the transmitted public key of the second certification authority,
- a first certification authority located in the first domain to verify the certification response transmitted through the first terminal and to transmit the second certificate to be stored in the smart card to the first terminal,
- wherein the first domain is different from the second domain.
9. A method for registering and verifying a smart card certificate for users moving between public key infrastructure domains, comprising the steps of:
- a user accessing a terminal located in a second domain using a smart card in which a first certificate of a first certification authority is stored;
- the smart card transmitting a certification response to a certification request of the terminal using the first certificate of the smart card to the terminal;
- the terminal transmitting the certification response of the smart card to a second certification authority located in the second domain; and
- the terminal transmitting a second certificate of the second certification authority transmitted from the second certification authority to the smart card in response to the transmitted certification response,
- wherein, the step of the terminal transmitting the second certificate of the second certification authority comprises the steps of;
  - the second certification authority transmitting its own public key to the terminal;
  - the terminal transmitting the public key of the second certification authority to the smart card; and
  - the smart card verifying the terminal by verifying the second certificate by using the public key of the second certification authority,
- wherein the first domain is different from the second domain,
- wherein the step of the smart card transmitting the certification response comprises the steps of;
  - the terminal transmitting a certification request message to the smart card; and
  - the smart card electronically signing the certification request message, and transmitting the certification response including the signed certification request message and the first certificate to the terminal.
14. A method for registering and verifying a smart card certificate for users moving between public key infrastructure domains, comprising the steps of:
- a user accessing a first terminal located in a first domain using a smart card in which a first certificate of the first domain is stored;
- the smart card transmitting a certification response to a certification request of the first terminal using the first certificate of the smart card to the first terminal;
- the first terminal transmitting the certification response of the smart card to the first certification authority located in the first domain;
- the first terminal transmitting a second certificate of a second certification authority transmitted from the first certification authority to the smart card in response to the transmitted certification response,
- the second certification authority transmitting its own public key to the first certification authority;
- the first certification authority transmitting the public key of the second certification authority to the first terminal;
- the first terminal transmitting the public key of the second certification authority to the smart card; and
- the smart card verifying a second terminal by verifying the second certificate by using the transmitted public key of the second certification authority,
- wherein the first domain is different from a second domain,
- wherein the step of the smart card transmitting the certification response comprises the steps of;
  - the first terminal transmitting a certification request message to the smart card; and
  - the smart card electronically signing an electronic signature to the certification request message, and transmitting the certification response including the signed certification request message and the first certificate to the first terminal.
Specification